Posted on

Openbravo ERP up to 3.0PR19Q1.2 getAttachmentDirectoryForNewAttachment inpKey directory traversal

A vulnerability was found in Openbravo ERP up to 3.0PR19Q1.2 (Enterprise Resource Planning Software). It has been rated as critical. Affected by this issue is the function getAttachmentDirectoryForNewAttachment. Upgrading to version 3.0PR19Q1.3 eliminates this vulnerability.